我有一个ASP.NET Core应用程序,该应用程序需要根据发出请求的客户端的Active Directory组来决定是否从控制器端点返回信息。我尝试实现自定义授权,如下所示:
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddOptions();
services.AddSingleton(Configuration);
services.AddSignalR();
services.AddAuthorization(options=> {
options.AddPolicy("RequiredADGroupName", policy=>policy.Requirements.Add(new ActiveDirectoryRequirement("RequiredADGroupName")));
});
}
ActiveDirectoryRequirement.cs
public class ActiveDirectoryRequirement: IAuthorizationRequirement
{
public string ActiveDirectoryGroupName { get; set; }
public ActiveDirectoryRequirement(string groupName)
{
ActiveDirectoryGroupName = groupName;
}
}
ActiveDirectoryHandler.cs
public class ActiveDirectoryHandler: AuthorizationHandler<ActiveDirectoryRequirement>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ActiveDirectoryRequirement requirement)
{
//authorization logic
}
}
下一个只是我如何使用此授权的一个示例。 HomeController.cs
public class HomeController : Controller
{
[Authorize(Policy = "RequiredADGroupName")]
public IActionResult Index()
{
return View();
}
}
运行项目时,出现以下错误:
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultForbidScheme found.
我在做什么错了?
答案 0 :(得分:0)
尝试向dag = DAG(dag_id, default_args=default_args, schedule_interval=None, max_active_runs=1, concurrency=1)
注册IAuthorizationHandler,例如:
ActiveDirectoryHandler